Sei sulla pagina 1di 8

World of Computer Science and Information Technology Journal (WCSIT)

ISSN: 2221-0741
Vol. 6, No. 5,31-38, 2016

Object Oriented Model Development for Education

Institutes Internal Auditing Process
Sally Dafaallah Abualgasim

Hujla Siddig Abd-Allah Osman

Department Computer Engineering

Faculty of Engineering and Technology
University of Gezira
Wed Medani, Sudan

Accounting and Banking Information Systems Department

Wad Medani Technological College
Sudan Technological University
Wed Medani, Sudan

AbstractThe technology plays an essential role and help the organizations to work better and maximizing their operation
achievements. The IT auditor plays an increasingly important role in helping organizations to manage and respond to risks. The aim
of this paper is to gather some of the internal auditors skills to be available for other auditors in education institute and collect the
experiences of the auditors to design a system and also help internal auditors to manage their tasks in a systematic way by automating
the accounting files. The proposed system will help the internal auditor to take good, fast, and more accurate decisions and to provide
an internal auditing system for education institute. The study used the object-oriented models to design the internal auditing system.
Keywords- IT Auditor; Object Oriented Model; Internal Auditor; Education Institute; Accounts Auditing; UML.


deal with issues that are fundamentally important to the survival

and prosperity of any organization. They have a professional
duty to provide an unbiased and objective view. They must be
independent from the operations they evaluate and report to the
highest level in an organization like a senior managers and
governors. Typically, this is the board of directors or the board
of trustees, the accounting officer or the audit committee. To be
effective, the internal audit activity must have qualified, skilled
and experienced people who can work in accordance with the
code of ethics and the international standards. Internal auditors
have to be independent people who are willing to stand up and
be counted; their employers value them because they provide an
independent, objective and constructive view. To do this, they
need a remarkably varied mix of skills and knowledge. The audit
environment is a unique and highly complex decision-making
environment. There are sources of error and inconsistency that
are unique to the audit environment. Personal computers and
other changes in technology have had and will continue to have
an impact on the audit environment. In addition, the audit
decision making environment is process oriented and not results
oriented [4, 8]. Internal auditors those individuals who perform
the activities of the internal audit function. Internal auditors may
belong to an internal audit department or equivalent function


With the ever increasing reliance on information technology

and increased complexity of computer installations, internal
audit departments can no more rely on generalist auditors to
provide assurance in the areas related to information technology.
A solid IT knowledge foundation (e.g. obtained from IT
academic study or actual IT work experience) seems to be
necessary to meet the internal audit mandate [1].
The financial accounting and reporting system of any firm,
regardless of country, is heavily dependent on the internal
control structure of a firm. An integral component of any control
structure is an effective internal audit department [2].
The institute of internal auditors (IIA) defines internal
auditing as an independent, objective assurance and consulting
activity designed to add value and improve an organization's
operations. In a broad sense, internal auditing helps a business
to achieve its goals by continuously evaluating and honing the
processes of risk management, control, and governance. With
regards to accounting, internal auditing is used to deter and
investigate fraud, safeguard assets, and make certain that
financial reporting is timely and accurate. Internal auditing also
ensures that a company's accounting policies and procedures are
in compliance with laws and regulations [3, 4, 13]. Internal
auditing is conducted in diverse legal and cultural environments;
within organizations that vary in purpose, size, complexity, and
structure; and by persons within or outside the organization.
While differences may affect the practice of internal auditing in
each environment, conformance with The IIAs international
standards for the professional practice of internal auditing
(Standards) is essential in meeting the responsibilities of internal
auditors and the internal audit activity [7,12].Internal auditors

There are many types of audits; the internal audit activity will
determine which kind of audit process (or a combination) to
perform based on a formal risk assessment process. A financial
audit reviews the recording and reporting of financial
transactions. The purpose of this type of audit is to provide
management with assurance that financial information is
complete and accurately recorded in the municipalities financial
records and that these records support the information shown in
the financial reports [13].

WCSIT6 (5), 31 -38, 2016

Information system auditors main objective is to formulate
an opinion about the effectiveness and the contribution of
information systems to enterprise objective. His/her judgment
can be influenced by factors such as his/her knowledge of the
organization information systems, and the degree of risk of
misstatement through errors. More generally, the purpose of IT
audit is to evaluate IT controls. IT auditor assesses and advises
on the following aspects of information technology:
effectiveness, efficiency, exclusiveness, etc. Although there is
no common understanding regarding the appropriate evaluation
theory, however, there are three main concepts that structure the
audit process: information systems processes and domains, audit
criteria, and audit framework. The internal auditing profession
exists within an organization to serve both management and the
organization in providing recommendations and suggestions for
continuous improvements [6].

contribute to the behavior of a system by collaborating with one

another. Instead of a bit-grinding processor raping and
plundering data structures, a universe of well-behaved objects
that courteously ask each other to carry out their various desires
are exist [19].
Class diagram is one of the static diagrams in UML, it
addressing primarily structural characteristics of the domain of
interest, it also allows capturing the responsibilities that classes
can perform, without any specifics of the behaviors. Other static
diagram types are providing perspectives that are not directly
related to database systems. A database system is usually part
of an overall system, whose underlying model should encompass
all the different perspectives [20].


Authors in [8] proposed first auditing-based system The

Internal Control Model (TICOM) which implements artificial
intelligence techniques in the system. TICOM is an analytic tool
that aids the auditor in modeling the internal control system and
querying the model in order to aid the auditor in evaluating the
internal control system. TICOM was implemented in Pascal.

The IT auditor plays an increasingly important role in

helping companies manage and respond to risks [21].
Object-oriented design is suggested as a method of design
encompassing the process of object-oriented decomposition and
a notation for depicting logical and physical as well as static and
dynamic models of the system under design. There are two
important parts to this definition: object-oriented design leads to
an object-oriented decomposition and uses different notations to
express different models of the logical (class and object
structure) and physical (module and process architecture) design
of a system, in addition to the static and dynamic aspects of the
system. Object-oriented analysis emphasizes the building of
real-world models and using an object-oriented view of the
world. Object-oriented analysis defined as a method of analysis
that examines requirements from the perspective of the classes
and objects found in the vocabulary of the problem domain
[18].An object by itself is intensely uninteresting. Objects

Authors in [5] noted that the audit knowledge domain has

two main forms of systems, first form is supporting the audit
process itself such as audit planning, analytical review, internal
control evaluation and second form is supporting estimates to be
made by corporations and being reviewed by auditors such as
bad debt estimation, loan loss estimation or even in the tax area
with tax accrual verification. Many of the important studies,
serving as the base of evaluation of feasibility of particular
approaches were performed in the five years 1985-1990. A
symbolic chart placing studies in relation to the step in the audit
process is described in Figure (1).

Figure 1: Selected Studies in Audit Process [5].

Author in [14] identified four different sources of error and

inconsistency that occurs when the internal auditing processes
are run by the humans:

1. Judgment inconsistencies occur whenever there is a

difference between judgments, given the same data set and
objectives, regardless of whether a generally accepted
criterion exists.
2. An error in overall judgment occurs when the auditor
issues an incorrect audit opinion.

Judgment errors occur when there is a departure from a

generally accepted criterion.


WCSIT6 (5), 31 -38, 2016

auditor and results indicated there are no significant differences
between public and private sector responses.

3. An inconsistency in overall audit judgments occurs when

different auditors render significantly different audit
opinions based upon an identical set of financial statements
and an identical set of audit evidence.
Author in [2] said that computer programs can be used to
improve the consistency of human responses and mitigate errors
in the internal auditing process [17].

Authors in [24] highlighted the pressures auditors would face in

the era of globalization and challenges in order to maintain trust
and integrity. The authors have reviewed a wide range of
articles and journals published and covered areas of audit fraud,
true and fair view interpretation, auditor independence and role
of internal auditors, authors in [22] presented the study, the role
and responsibility of internal auditors in the detection and
prevention of fraud was discussed. In addition, to express that,
computer fraud is easy to commit but difficult to prevent and
therefore, the auditors should define their responsibility for
computer fraud. The authors have defined the lack of
independence, integrity and credibility of the auditing
profession on the role and responsibility to detect and prevent
audit fraud.
Author in [25] explored the auditors approaches in utilizing
the audit tools, software and how technology evaluation
affecting their practices. The author has illustrated the internal
auditor's 10th annual software survey in discussing the issues
interconnected with audit software in United States. The author
observed that the limitation of implementing audit software
particularly concerned with cost implication, failure of software
to meet audit departments needs, and resistance in training to
auditors. The author has cited the key note presented by several
experts in the audit-related software who had various experience
in implementing and maintaining the software inside the
organization. Author in [26] presented an audit manager and
founder of has shared his extensive
experience in the fields by suggesting several methods in
ensuring the successful implementation of audit software in the
organization. Lanza noted that, although audit programs in
general are simple to open, they can be complex to run. This can
be achieved through interactive training, and continuously
monitor the learning process. Lanza has noted that the business
sponsor (management) might reluctant to accommodate and
approved the training since they perceived the training time
might led to un-productivity. The author also disclosed much
information on the type of software adopted in the organization,
its popularity, reliability and overall satisfaction. Many audit
related software enable an organization to subscribe to and
implement them in the organization. However, several issues on
reliability and consistency arised when those software are not
meeting auditors expectation. The author also discussed on the
availability of open-source software available in the web format.
Using open-source software has distinct operational advantages.
Auditors with very specific software needs may have to look
beyond the built-in capabilities of available products and
consider crafting their own audit tools. The author also observed
customization in developing fraud-auditing techniques. The
article does not provide any detailed analysis on impact of
technology advancement and availability of complex audit
software could promote to efficient and effective audit
performance [22].

Authors in [9] used both quantitative (26 variables) and

qualitative (19 variables) risk factors as input variables in the
models. The risk was defined in an internal auditing context. The
models were in the context of a public state university. The
quantitative data were downloaded from the University of
Illinois Financial and Administration System. The qualitative
risk factor values were elicited from audit staff using a predefined scale from 0 to 9. The eventual number of variables
selected to construct the models were in the 7 to 18 range. The
research project included a Delphi study and a comparison with
statistical approaches, and presented preliminary results, which
indicated that internal auditors could benefit from using ANN
technology for assessing risk.
Author in [10] suggested that AICPA statements on
standards for attestation engagements (SSAE), attestation
standards might play a critical role in the audit of expert systems,
and although it applies to independent CPAs, it may also provide
useful guidance to internal auditors. Attestation standards
indicates that an audit should be done by someone who has
adequate technical knowledge and proficiency, in this case in
expert systems verification and validation, and in the specific
Authors in [2] examined computer usage by internal audit
departments of Canadian and U.S. firms. Internal audit
departments in the United States use computers more overall
than do Canadian internal audit departments. In addition, the
nature of computer usage varies between the two countries.
Canadian internal auditors have a stronger preference for
microcomputers over mainframes than do those in the United
States. Internal auditors in the United States write their own
computer programs more than do Canadian internal auditors.
These findings do not support the presumption that countries
with similar accounting and business environments and close
economic as well as geographic ties will have similar internal
audit departments.
Author in [23] compared features of the internal audit
function between organizations in the private and public sector.
Several aspects have been carefully examined in which include
organizational status, using internal audit as a "tour of duty"
function, outsourcing of audit function, risk management, and
interactions with external auditors. The study is based on a
survey done in Australia and New Zealand organizations.
Survey was done to indicate the length of time spent by
respondents in internal audit process and it has appeared that
internal audit has a higher status in the public sector rather than
in private sector entities. On out sourcing survey indicated that
both sectors engaged in some outsourcing of internal audit
activities particularly in information technology and system. The
percentage outsourced is quite similar between these two
sectors.Author has also discussed on the major activities
affiliated with internal audit, specified as financial audit and
internal controls, risk management operations and systems
audits. The author has explored internal audit interaction with
external auditors from the perspective of the chief internal

Authors in [27] aimed to understand internal audit functions,

explore implication of IT and analyze advantages of internal
audit in the organizational governance. The author has explored
the origin and acceptable definition of internal audit by
reviewing literature, comparative analyses, and review latest
research. The definition of internal audit has continually
changed and revised decade by decade, and still facing certain

WCSIT6 (5), 31 -38, 2016

issues understanding of internal audit function and it position
within the organization [27]. At present, the function of internal
audit includes not only of internal control effectiveness, fraud
investigations or assistance to external auditors, but also
identification of organizational risks, consultations to the senior
management with regard to risk management, process
improvement or global operations. It is vital for all members of
organization (management, accountants, audit committee, etc.)
to have same and adequate understanding of what internal audit
is all about. According to authors and supported in [22], it is
important to understand needs and expectations of internal and
external decision makers towards internal audit function. The
author has also explained that there is some independency
problem faced by internal audit being as an integral part of
organization. In exploring the implication of IT, the author has
defined the significant benefits of IT in auditing process.
Auditors aided by IT based application; computer assisted audit
tools (CAATs) increased effectiveness of internal audit in the
organization. On the other hand, IT development for example,
automation and computerization had increased risk of
discontinuing organizations activity, data loss, network
breakdown and influence business monitoring and control
process. The author has reemphasized the aim of internal audit
function is to monitor, evaluate and improve risk management,
controls, and governance process. Unfortunately, the author has
not provided enough analysis on how different corporate
governances approaches can influence internal audit process in
the organization.



An object-oriented system was developed to manage some

of problems that face the internal auditors and become an
assistant tool to the internal auditor to help them in taking
decisions. SQL server was used to design and implement the
database of the system. The object-oriented data modeling was
used to system in the analysis phase. The system was coded in
visual basic and the user interfaces were designed using
Microsoft visual studio. The internal auditing system was
developed in three steps, the first step was the analysis step, the
second step was the systems design, in which the features and
operations of the internal auditing were described in details,
including process diagrams. At the last step of internal auditing
system development methodology the system was developed
and tested, this step was termed as system evolution step, these
steps are illustrate in the following Figure (2).

Authors in [28] compared the user perceptions of feature

level usages and application level usages and suggest that user
perceptions of overall applications overshadow their perceptions
of independent features, suggesting application-level lock-in
effects and pointing out the difficulty in vendor attempts to
unbundle features from feature categories and applications.

Figure 2: Internal Auditing System Development Methodology

System Analysis
Information about internal auditing was collected and data
extracted from books, papers, web sites, and mainly from human
auditors. Data were gathered from the internal auditors by asking
question, some interviews made with the employees of the
department of internal audit in the education institutes.

According to Authors in [29], technology features have a

large impact on technology acceptance in the internal audit
profession as influencing system usage, perceived usefulness,
and perceived ease of use. System usage, perceived usefulness,
and perceived ease of use are high in basic features and low in
advanced features. Technology features will have a large
influence on technology acceptance in other professions.

System Design
In this step the dataflow diagrams (DFD) for the proposed
system was described, and the entities of the internal auditing
system were modeled as objects.

Author in [14] identified different sources of error and

inconsistency, followed by Author in [17] suggested a computer
programs to improve the consistency of human responses and
mitigate errors.

Dataflow Diagrams of the Internal Auditing Processes

Firstly, the audit structure on accounts files presented by
accounts auditing tree as shown in Figure (3). The accounts files
divided into two groups:

Most prior works were talking about auditing computer

systems in a perspective of how it overcomes the hardships of
auditing, and what are the benefits that will add to the auditing

1. Incomes: state all the proceeds of the organization divided

into six branches (Fees involving impose and cancel of
government fees and taxes, financial module, cash bank up
and supply, checks bank up and supply, notebook group,
2. Outgoings: state the expenses of the organization it is
branched into eight branches (the notebook group, the
current account, the debtors, the adjustment and budgeting,
the warehousing proceeding, the loans which also divided
into its sub branches, the procurement and contracting and
its sub branches, the compensation of the employees and
its sub branches).

The overall objective of the internal audit activity is to

provide all levels of management with an independent
assessment of the quality of the internal controls, administrative
processes and the extent to which they are assisting the
municipality in achieving its strategic objectives in terms of the
integrated development plan (IDP).
The proposed system is a system to help internal auditor in
their job and take their experience to build a good system.


WCSIT6 (5), 31 -38, 2016

Figure 3: Accounts Auditing Tree.

These two groups were summaries depend on education

institute. The summary of the data that can be used in this paper
shown in Figure (4).

Feed up the fees data

Expected vulnerable auditing
area and auditing reports


Feed up the wages and

employees data

Figure 4: The Summarized Accounts Auditing Tree.

Secondly, the auditing processes were modeled into

dataflow diagrams (DFDs), the context diagram or level (0),
which shows the environmental elements with which the system
interfaces; there are two subsystems that are used to feed the
internal auditing system for educational institute, as shown in
Figure (5).

Figure 5: Level (0) Internal Auditing Systemwith Environmental Elements

The level (1) diagram which illustrate the overall flow of

auditing processes, which the auditing process divide into two
ways according to the files will be audited, if the audited files
are incomes fees then the accounts system supply the accounts
files needed and the internal auditing system matching these
files with the expected incomes, and report the internal auditor.
If the files to be audit are compensation of employees then the
payroll system supply the needed data, the internal auditing
system audit these data, and reporting the internal auditor, as
shown in Figure (6).


WCSIT6 (5), 31 -38, 2016


Fees Subsystem

Feed up the fees data

Matching Fees
Data with

Supply fees data

Verify Fees

Reporting imposed laws

PayRoll System

Matching wages
Feed up the wages and
and employees
employees data
Data with standards

Internal auditor

Category or services

Check fees
category and
each fee service


Figure 6: Level(1) Auditing Processes Depend on the External Data Source.

The level (2) diagram which illustrate the fees and

compensation of employees auditing processes. The fees
auditing process starts when the accounts system supply the
fees, here the internal auditing system firstly verifies that the
fees imposed or canceled by formal laws, then it check the
category of each fee and the service its offer, also the internal
auditing system assure that the unit incomes are impeded in the
approval budget, at the end the system report all the results to
the internal auditor as shown in Figure (7).

Check that the unit

incomes conform
the expected linkage

Figure 7: Level (2)Fees Auditing Processes.

The compensation of employees auditing process starts

when the payroll system supply the employees compensation,
here the designed system firstly checks the administrative
structure of the unit, then it check the approved adjustment of
the unit, also the internal auditing system assure that the unit
incomes are impeded in the approval budget, after that the
system reports all the results to the internal auditor, these steps
shown in Figure (8).
PayRoll system

Supply wages and

employees data

Check the
structure of the unit



Check the approved

adjustment of the unit

Internal auditor

Check the legality of

wages, allowances
and other
specifications in the



Check the modules of

signatures and the

Figure 8: Level (2) Compensations of Employees Auditing Processes

GradStd, PostGradStd, Collage and CollageFee, as shown in

Figure (9). Then the second external source was modeled, its
consist of eleven object classes Employee, Professor,
DegreeAllownce and DegreeDeduction, as shown in Figure

Object Oriented Modeling of the Internal Auditing

In this stage the internal auditing entities were modeled into
objects using object oriented modeling techniques [15]and
unified modeling language (UML) [16]. The proposed system
depends mainly on two external sources, which take the
processes of the system into two different ways of execution,
thus, any participation of the two external sources will be
modeled separately.
The first external source is the fees subsystem was modeled,
its consist of six object classes Student, UnderGradStd,


WCSIT6 (5), 31 -38, 2016















Figure 9: Object Class Diagram of the Fees Subsystem.


Associate Professor

Assistant Professor


Teaching assistant








-includes -DegreeName
0..* 1

of-consist of





Figure 10: Object Class Diagram of the Payroll System.

student name, the paid fees, the semester, notes that explain the
reduction and the increment of the paid fees from the imposes
fees, and the collage.

Internal Auditing System Evolution

In this step the system databases, codes, and user interfaces
were designed.

The auditing of the actual incomes of the campuses

according to their expected incomes, which appear when the
auditing expected incomes button. The interface displays the
campus, the actual incomes, the expected incomes, and notes
about the variance between the actual and the expected incomes.


After login into a main form which ensures the privacy of the
auditing process and details. The interface gives the internal
auditor two choices to perform, the incomes auditing and the
outgoings auditing.
incomes auditing
The incomes auditing interface appear when the incomes
auditing button was pressed, this screen gives the internal
auditor two choices for incomes auditing, auditing the collage
incomes and auditing expected incomes, and also gives the
ability to go back for the main screen to choose another type of
files to audit it. The internal auditor select the collage he/she
wish to audit its incomes from the list of collages impeded, thus
the fees of the selected collage will be audited and the audit
results displayed, the results represent the student number, the

Outgoings Auditing
Firstly, the outgoings of the current month were
representing, and the following details will display: the
employee number, the employee name, and the employee wage.
Then the auditor has two options of auditing, audit the
employees compensation, and confirmations of outgoings.
Results of auditing employees wages detail the results of
auditing process in the compensation, listing the employee
number, the employee name, the employee working degree, the
employee status, the employee last wage, the wage modification

WCSIT6 (5), 31 -38, 2016

[4]Daniel, E. O'Leary and Paul, R. Watkins. (1989). Review of Expert Systems
in Auditing, University of Southern California.
[5]David, C. Yang.;Miklos A. Vasarhelyi. And Caixing, Liu. (2003). A note
on the using of accounting databases. Industrial Management and Data
Systems 103(3): 204-210
[6]A. B. Devale, Dr. R. V. Kulkarni (2012), A Review of Expert System in
Information System Audit, (IJCSIT) \Information Technologies, Vol. 3
(5) , ,5172 5175, ISSN:0975-9646.
[7]International Standards for the Professional Practice of Internal Auditing
(Standards), The Institute of Internal Auditors, Issued: October 2008,
Revised: October 2012.
[8]Bailey, AD., Duke, G.L., Gerlach, J., Ko, G, Meservy, RD.,Whinston, AB.
(1985), TICOM and the Analysis of internalControls, The Accounting
Review, 60, April, , pp. 186-20l.
[9]Ramamoorti, S., A. D. J. Bailey, Jr, Jr Jr., and Richard O. Traver (1999).
Risk Assessment in Internal Auditing: A Neural Network Approach.
International Journal of Intelligent Systems in Accounting, Finance and
Management 8(3): 159-180.
[10]McKee, T. (1991),"An Audit Framework for Expert Systems." Expert
Systems Rcview2, no. 4.
[11]International Standard On Auditing 610Using The Work Of Internal
Auditors, 2009.
[12]International Standards for the Professional Practice of Internal Auditing
(Standards), The Institute of Internal Auditors, Revised: October 2016 ,
Effective: January 2017.
[13]Overstrand Municipality, Internal AuditMethodology, 2015.
[14]Holstrom, G. (1984), "Sources of Error and Inconsistency in Audit
Judgment," Working, School of Accounting, University of Southern
California, paper no. 70.
[15]Meyer (1997), Object-Oriented Software Construction, Prentice Hall p.
[16] Rumbaugh, J., I. Jacobson and G. Booch, (2004).The Unified Modeling
Language Reference Manual. 2nd Edn., Wesley, Boston, MA., USA.,
ISBN: 978-0321245625.
[17] Hogarth, R. (1985). Judgment and Choice, vol 2.Wiley, Chichester.
[18]Grady Booch (1998).Object-oriented analysis and design with applications
2nd ed. Rational Santa Clara, California ISBN 0-8053-5340-2
[19] Ingalls, D. (1981). Design Principles behind Smalltalk. vol. 6(8), p. 290.
[20] Jeffrey A.; Hoffer, V. Ramesh and HeikkiTopi (2010).Modern database
management Tenth Edition. Publisher: Pearson Education; ISBN-10:
1408264315, ISBN-13: 978-1408264317.
[21] Lagerschulte P. (2014). IT internal audit. Published by KPMG.
[22] M. Krishna Moorthy, A. Seetharaman, Zulkifflee Mohamed, Meyyappan
Gopalan, Lee Har San (2011), The impact of information technology on
internal auditing, African Journal of Business Management Vol. 5(9), pp.
3523-3539, Available online at
/AJBM, ISSN 1993-8233 2011 Academic Journals.
[23] Goodwin J (2004). A comparison of internal audit in the private and public
[24] Jayalakshmy R, Seetharaman A, Khong TW (2005). The changing roleof
the auditors.
[25 Russel Jackson (2004). Get the most out of audit tools.
[26] Richard B. Lanza(2004). Can Excel Double as Audit Software. Vol. 7.
(accessed 7/12/2016)
[27] Staciokas R., and Rupsys R. (2005). Internal audit and its role in
organizational government.Management of Organizations: Systematic
Research 12, (33): 169-181.
[28] Harrison MJ, Datta P (2007). An empirical assessment of user perceptions
of feature versus application level usage. Commun Assoc Inf Syst. 20:
[29] Kim HJ, Mannino M, Nieschwietz RJ (2009). Information technology
acceptance in the internal audit profession: Impact of technology features
and complexity. Int. J. Accounting Inf. Syst. 10(4): 214-228.

which illustrate in form of signs the differ between the last wage
and prior wage of employee, and the notes that state the reasons
of the modification and the details of modification. The results
of auditing process on the outgoing according to their
confirmations, detailing the exchange item, the actual
expenditures, the confirmed expenditures which generated by
the auditing system using the existing information about the
employees and their factual compensation, and notes that
explain the reasons of differ between the actual expenditures
value and the confirmed expenditures value.
The results show that the system is expected to reduce the
complexity of internal auditing environment, the internal
auditor need not to remember the details of the last auditing
process or go back and match the earlier files and results of the
earlier proceeded audit, also help the auditor to take a good
The proposed system also has reduced some sources of error
and inconsistency which appear in internal auditing process like
the judgment errors that occur when there is a departure from a
generally accepted criterion, judgment inconsistencies that
occur whenever there is a difference between judgments, given
the same data set and objectives, regardless of whether a
generally accepted criterion exists, an error in overall judgment
occurs when the auditor issues an incorrect audit opinion, and
the inconsistency in overall audit judgments occurs when
different auditors render significantly different audit opinions
based upon an identical set of financial statements and an
identical set of audit evidence. Also, it increases the verifiability
of different views in the internal auditing process, agreeing with
Hogarths opinion.


The aim of this Study was to develop an internal auditing

system using object-oriented modeling. The study concludes
that the object-oriented modeling is capable of developing such
a system without any problem, where the internal auditing
elements can be manipulated as objects and their processes can
be manipulated as methods. Using object oriented modeling
simplify the modeling of the internal auditing process and
clarify the vision of the auditing tasks for the system analyst and
programmer. Furthermore, using object oriented modeling
minimizes the needed time to create such computer systems.
Moreover, the study concludes that the internal audit
departments can utilize the computer to a great degree in the
performance of their audit tasks. Also, the internal audit
department can use the proposed system to maximize the
integrity of the internal auditing procedures.
[1] UAE Internal Auditors Association, Published by the UAE Internal
Auditors Association, Dubai, United Arab Emirates, Research Report
December 2015.
[2]Tom Oxner, K.; Whitehead. Hawkins. and Richard. R. (1995). A Study of
Computer Usage by Internal Auditors in Canada and the United States,
Journal of International Accounting Auditing & Taxation,Volume 4,
Issue 1, Pages 27-37.
[3][ html] 05-122016.